Hi guys, how about the results if we refreshing a report in infoview(logon with enterprise account) which unvierse had configed with SSO auchentication
very thanks.
Daniel.xue 
(BOB member since 2006-12-21)
Universes do not get configured with SSO. AD SSO is a authentication process to eliminate application log in redundancies. Universes associated with the documents
icotler 
(BOB member since 2002-08-19)
maybe i did’t describe it clearly.
Our bo server migrated with SAP and using multi Authentication type(Enterpirse & SAP). also the role level security had been applied in BW module for all BO user account which import from SAP. while we create the unverse connection, i select the SSO authentication type but not indentify user/pass. these step can pass through the authentication infomation from login user. my question is for those users that do not have SAP account but only bo account, what’s the result while they refresh the webi report that base on that universe.
Daniel.xue (BOB member since 2006-12-21)
If the enterprise user belongs to the group which rows level security applied to the results will be the same as for AD user in this group. Row level security is independent of the log in authentication.
I am assuming that you have a groups set up for row level security/overloads. It is a bad practice to have just users assigned to the row level security/overloads.
icotler (BOB member since 2002-08-19)
Oh…
the row level security control strategy base on SAP BW query in universe is different with traditional relational database.
In unvierse that connect to SAP BW, it’s have no any option to configure the user or group.
Daniel.xue (BOB member since 2006-12-21)
Ok. In case of BW universe I think you are correct no option for row level security is available. I was under impression that you are talking about regular universes.
icotler (BOB member since 2002-08-19)
[quote:d4da54ad49=“Daniel.xue”]Oh…
the row level security control strategy base on SAP BW query in universe is different with traditional relational database.
In unvierse that connect to SAP BW, it’s have no any option to configure the user or group.
[/quote]
With a SAP BW universe, row-level security must be done via SAP authentication to pick up the restrictions based on the user’s SAP login.
:?
yes, we have do this in SAP site.
my quesiton is not how we realize it(RLS), my question is what’s the results while we refresh these reports which row level security had been applied if we login infoview as Enterprise account.
Daniel.xue (BOB member since 2006-12-21)
yes, we have do this in SAP site.
my quesiton is not how we realize it(RLS), my question is what’s the results while we refresh these reports which row level security had been applied if we login infoview as Enterprise account.
[/quote]
It depends how you’ve set the connection up. What Authentication Mode have you set up when defining your SAP universe connection?
If it is “Use specified username and password” then you’ll get the row level restrictions related to that account.
If it is Use Single Sign On then obviously you’ll struggle with an Enterprise account. You might be able to get it working, though, by specifying an secSAPr3 Alias in the CMC against a user with the Use BusinessObjects credential mapping turned on. I’ve not tested this yet, though, because I’m too busy with artistic differences the BW developer. :?